Policies around data storage and document retention are integral to the smooth functioning of any organization, but these documents must be drafted carefully to ensure that employees actually follow them. R. Jason Straight – senior managing director at Kroll Ontrack, a provider of data recovery solutions and legal technologies – explained the differences inherent in these policies.
"A data storage policy dictates to employees where they can store documents and what kinds of documents they're allowed to store in what places – it's more of a security policy," he said. "A document retention policy is something that defines what a company has a legal or business obligation to retain for some period of time."
Still, both policies are intertwined. "You'd want to approach the creation of either of these policies in conjunction with the other," Straight explained. "You can't start drafting a data storage policy without understanding what your retention obligations are."
Straight offered tips on how organizations can design these policies to maximize effectiveness.
"You have to design a DRP or DSP from the perspective of your employees and the users of your systems," he said. "If you don't balance your security and document retention obligations against the needs of your employees to work efficiently, your employees are going to balance it for you after the fact. If you impose obligations on employees that are unreasonable, that are going to drag them down and keep them from getting their job responsibilities completed, guess what's going to get the priority?…
Please log in or subscribe to read this article